OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xri message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [xri] RE: Delegation (was: trusted discovery workflow)


A domain delegating the management of their services to a third party. Hosting and managing XRDs can and should become a product. Of course, if you <ref> the entire XRD, you can as easily just point the Link in that direction in the first place but it only works well with Link header and element where you have a resource level control. If you use a /site-meta map, it is impossible to point some XRD locations to server A and some to server B (at least this is a use case I refuse to support due to complexity). I much rather allow this to happen using a simple <Ref> in the local XRD itself.

EHL

> -----Original Message-----
> From: Brian Eaton [mailto:beaton@google.com]
> Sent: Friday, December 05, 2008 9:34 AM
> To: Eran Hammer-Lahav
> Cc: xri@lists.oasis-open.org
> Subject: Re: [xri] RE: Delegation (was: trusted discovery workflow)
>
> On Fri, Dec 5, 2008 at 8:34 AM, Eran Hammer-Lahav <eran@hueniverse.com>
> wrote:
> > The <XRD:Ref> element voids anything else within the XRD and
> basically points to another entity to provide the full resource
> descriptor. An open question for me is what is <Ref> pointing to?
> Another resource or another XRD?
> >
> > The <XRD:Service> element is in many cases (such as OpenID) a
> service-specific delegation of some control.
>
> Agreed, this is an important distinction.  Here are some use cases to
> consider:
>
> - A user points to their portable contacts endpoint.  Ideally this
> would be signed with a key belonging to the user, but key distribution
> is really difficult.  We'll probably have to settle for this being
> signed with a key belonging to the user's domain.
>
> - A domain points to the portable contacts endpoint for all of their
> users.  I'd look for this to be signed with a key belonging to the
> domain.
>
> - A user points to their OpenID provider.
>
> - A domain points to the OpenID provider for all of their users.
>
> Hrm.  I'm not seeing anything in there that suggests a "Ref", those
> all seem like "Service" to me.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]